Commit Graph

2068 Commits

SHA1 Message Date
c965975f82 Refactor EmailTemplateController to use primary constructor
- Enforce [Authorize(Policy = AuthPolicy.Sender)] on controller
- Switch to primary constructor for dependency injection
- Remove obsolete constructor and private fields
- Update method logic to use constructor parameters directly
- Improve XML documentation and code clarity
- Ensure consistent use of MediatR for command/query handling
2026-02-06 13:51:50 +01:00
d480dd3a36 Refactor DocumentController for async policy-based auth
Refactored DocumentController to use IAuthorizationService and async policy checks via IsUserInPolicyAsync instead of role checks. Implemented IAuthController interface and removed ILogger dependency. Updated usings for new authorization logic.
2026-02-06 13:46:18 +01:00
ae7f0b80f3 Refactor AuthController for interface and policy checks
Refactored AuthController to implement IAuthController and expose AuthService. Removed the protected IsUserInPolicyAsync method in favor of using an extension method for policy checks. Updated the Logout logic to use the new approach. Consolidated using directives into a single line.
2026-02-06 13:41:45 +01:00
ef7c9c2b97 Add IAuthController interface and policy check extension
Introduced IAuthController with AuthService and User properties to standardize authentication handling. Added AuthorizationControllerExtensions with IsUserInPolicyAsync to simplify policy-based authorization checks. Included necessary using directives.
2026-02-06 13:39:14 +01:00
27f0aae8e0 Remove unused AuthExtensions.cs and its extension method
Deleted the AuthExtensions.cs file, which included the AuthorizePolicyAsync extension for IAuthorizationService. This method and related code were no longer needed.
2026-02-06 13:23:17 +01:00
1b10162c85 Refactor AuthController policy checks and response types
Introduce IsUserInPolicyAsync for cleaner policy checks in AuthController and update Logout to use it. Adjust Logout's response type to void and improve documentation and formatting.
2026-02-06 13:23:08 +01:00
bd0426dbee Refactor AuthController for improved policy-based auth
- Inject IAuthorizationService for flexible policy checks
- Replace role checks in Logout with async policy authorization
- Merge IsAuthenticated into Check endpoint with optional role
- Update Check response type and clean up imports
2026-02-06 13:04:57 +01:00
b1551537c8 Add ReceiverOrReceiverTFA constant to AuthPolicy
Added the ReceiverOrReceiverTFA constant to the AuthPolicy class in EnvelopeGenerator.Domain.Constants. This constant is defined as nameof(ReceiverOrReceiverTFA) + nameof(AuthPolicy).
2026-02-06 13:03:02 +01:00
95b2ab5aed Add AuthExtensions with AuthorizePolicyAsync method
Introduced a static AuthExtensions class providing an AuthorizePolicyAsync extension method for IAuthorizationService. This method streamlines policy-based authorization checks by returning a boolean result for a given user and policy name.
2026-02-06 11:50:06 +01:00
ebed51b46a Refactor receiver roles: rename FullyAuth/PreAuth for clarity
Renamed receiver roles FullyAuth → Receiver.Full and PreAuth → Receiver.TFA across the codebase for improved clarity and consistency. Updated all usages, [Authorize] attributes, role checks, authentication logic, and authorization policies to use the new role names. Marked old constants as obsolete and pointed them to the new values. This change enhances code readability and groups receiver roles under the Receiver static class.
2026-02-06 10:49:28 +01:00
0d2425c9cf Refactor to use named authorization policies in controllers
Replaced direct role-based [Authorize] attributes with named
authorization policies (e.g., AuthPolicy.Receiver,
AuthPolicy.SenderOrReceiver) in AnnotationController,
DocumentController, and ReadOnlyController. Added and registered
new policies in Program.cs and updated AuthPolicy constants.
This centralizes and simplifies authorization management.
2026-02-03 16:20:26 +01:00
c6c8747d23 Add ReceiverTFA constant to AuthPolicy class
Added the ReceiverTFA constant to the AuthPolicy class in the EnvelopeGenerator.Domain.Constants namespace. This new constant can be used to represent authentication policies specific to two-factor authentication for receivers.
2026-02-03 16:10:14 +01:00
eb345a0e4d Relax and rename auth policies for sender/receiver roles
Replaced SenderOrReceiverFullyAuth and ReceiverFullyAuth policies with more general SenderOrReceiver and Receiver policies. Updated policy definitions in AuthPolicy.cs to use nameof for clarity. Adjusted AddAuthorizationBuilder configuration and [Authorize] attributes in controllers to use the new, less restrictive policies, simplifying authorization logic.
2026-02-03 16:08:15 +01:00
1b95b9d7e0 Refactor authorization policy naming to AuthPolicy
Renamed AuthorizationPolicies to AuthPolicy and updated all references to use the new naming convention for authorization policy constants. This improves consistency and clarity across the codebase.
2026-02-03 16:01:28 +01:00
d99193979f Update to AddAuthorizationBuilder for policy config
Switched from AddAuthorization to AddAuthorizationBuilder for
defining authorization policies, resulting in more concise and
modern code. Policy logic and requirements remain unchanged.
2026-02-03 15:21:48 +01:00
8742ea6025 Switch to policy-based authorization for controllers
Replaced role-based [Authorize] attributes with policy-based ones in AuthController and TfaRegistrationController. This centralizes authorization logic and allows for more flexible access control.
2026-02-03 15:16:30 +01:00
2b8edc697a Add custom authorization policies and minor Swagger fix
Introduce SenderOrReceiverFullyAuth and ReceiverFullyAuth policies for role-based authorization. Register these policies in Program.cs. Also, fix OpenApiReference type for Swagger security configuration.
2026-02-03 15:15:04 +01:00
7c88d4ed4b Update Sender role constant to "EGSender"
Changed the value of the Sender constant in the Role class from "Sender" to "EGSender" to ensure consistency with updated naming conventions.
2026-02-03 14:54:10 +01:00
a6be907307 Refactor AuthController roles and add check endpoint
- Change AuthController to use IOptions<AuthTokenKeys> for config
- Restrict Logout and new Check endpoints to Sender and Receiver.FullyAuth roles
- Update Logout logic to handle cookie deletion or sign-out based on user role
- Add GET /api/auth/check to verify user role via query param
- Add necessary using statements for new dependencies
2026-02-03 14:54:02 +01:00
2fcea78574 Add Swagger doc filter for /api/auth proxy login endpoint
Introduced AuthProxyDocumentFilter to programmatically document the POST /api/auth proxy login endpoint in Swagger. The filter defines request body schemas, example values, query parameter, and response codes. Registered the filter in Program.cs for OpenAPI generation.
2026-02-03 11:13:53 +01:00
e8e428f935 Update default Audience value in AuthTokenKeys
Changed the default Audience property in AuthTokenKeys from "sign-flow-gen.digitaldata.works" to "sign-flow.digitaldata.works" to reflect the correct expected audience for authentication tokens.
2026-02-03 11:13:29 +01:00
9450ed3486 Remove old Login endpoint and related documentation
Removed the previous Login method from AuthController, including its XML documentation and Swagger/OpenAPI annotations. This prepares the controller for a revised authentication implementation.
2026-02-03 10:45:17 +01:00
583a07c646 Add YARP reverse proxy support to API project
Integrated YARP by adding the Yarp.ReverseProxy package, including yarp.json for proxy configuration, and updating Program.cs to load and map reverse proxy routes. This enables the API to forward requests based on yarp.json settings.
2026-02-03 10:44:32 +01:00
51ad4fbc2c Add YARP reverse proxy route for auth login requests
Configured yarp.json to proxy POST /api/auth requests to the
auth-hub cluster at http://172.24.12.39:9090, rewriting the
path to /api/auth/sign-flow before forwarding.
2026-02-03 10:39:33 +01:00
50ac7570ea Refactor GetDocument to unify sender and receiver logic
Combined sender and receiver document retrieval into a single
GetDocument endpoint. The endpoint now authorizes both Sender
and Receiver.FullyAuth roles, handling their logic based on
role detection. Sender requires a query parameter; receiver
extracts envelope ID from claims and disallows query params.
Updated method signature and endpoint documentation.
2026-02-03 10:06:03 +01:00
5465996563 Refactor document retrieval endpoints and authorization
- Updated DocumentController to use class-level [Authorize] and method-level role-based authorization for sender and receiver endpoints.
- Replaced ReadEnvelopeReceiverQuery with ReadDocumentQuery for sender document retrieval; simplified response logic.
- Added a new endpoint for fully authenticated receivers to fetch documents by envelope ID from user claims.
- Refactored ReadDocumentQuery and handler to always return DocumentDto, throw NotFoundException when needed, and use _repo.Query.
- Cleaned up using directives and removed legacy error handling and logging.
2026-02-03 09:48:33 +01:00
1b840f4ae3 Refactor AuthController to use primary constructor
Refactored AuthController to use C# 12 primary constructor syntax for ILogger<AuthController> injection. Removed obsolete IUserService and IDirectorySearchService dependencies, their fields, and the old constructor. This streamlines the controller and prepares it for MediatR-based service handling.
2026-02-02 16:29:31 +01:00
3923a3b403 Refactor claim retrieval with GetRequiredClaimOfSender
Added a private extension method GetRequiredClaimOfSender to ClaimsPrincipal for retrieving the first available value from multiple claim types, throwing a detailed exception if none are found. Refactored GetId to use this method, improving code reuse and clarity when handling user claims.
2026-02-02 16:27:45 +01:00
ada621ac46 Refactor claim access to enforce required user claims
Replaced nullable claim accessors with strict versions that throw exceptions if required claims are missing or invalid. Updated controller logic to use new methods and removed fallback/error handling for missing claims, ensuring stricter claim validation throughout the codebase.
2026-02-02 16:17:53 +01:00
abbe6a26a9 Refactor ControllerExtensions to SenderClaimExtensions
Renamed the extension class for claims handling and added a private GetRequiredClaimOfSender method for ClaimsPrincipal. This method throws a detailed exception when a required claim is missing, improving error reporting and debugging.
2026-02-02 16:11:29 +01:00
3066dac541 Rename EnvelopeAuthExtensions to ReceiverClaimExtensions
Refactored the class name in ReceiverClaimExtensions.cs to better reflect its focus on receiver-specific claim extension methods rather than general envelope authentication. No functional changes were made.
2026-02-02 15:58:47 +01:00
b1aa6d6639 Refactor claim extraction methods for receiver context
Renamed authentication-related extension methods to clarify that they extract claims for the "receiver" context (e.g., GetAuthReceiverSignature → GetReceiverSignatureOfReceiver). Updated all usages in AnnotationController and ReadOnlyController. Also renamed the helper method GetRequiredClaim to GetRequiredClaimOfReceiver for improved clarity and reduced ambiguity.
2026-02-02 15:58:07 +01:00
31fe1c34f2 Remove GetClaimValue extension from EnvelopeAuthExtensions
The GetClaimValue method, which delegated to GetRequiredClaim for retrieving claim values by type, has been removed from the EnvelopeAuthExtensions class. Other functionality in the class remains unchanged.
2026-02-02 15:13:10 +01:00
d7644bfe07 Move ClaimsPrincipal extensions to API.Extensions namespace
Refactored ControllerExtensions: moved user claim extraction
methods from EnvelopeGenerator.API.Controllers to the new
EnvelopeGenerator.API.Extensions namespace. Updated all
references and using statements accordingly. No logic changes;
improves code organization and clarity.
2026-02-02 15:07:27 +01:00
4759b16a85 Mark GetAnnotationParams as obsolete (PSPDF Kit deprecated)
Added [Obsolete] attribute to GetAnnotationParams in ConfigController to indicate that PSPDF Kit will no longer be used and the method is deprecated. This warns developers to avoid using this method in future development.
2026-02-02 15:05:15 +01:00
cfdfb43631 Restrict annotation endpoints to Receiver.FullyAuth role
Updated [Authorize] attributes to require Receiver.FullyAuth role on AnnotationController and relevant methods. Removed redundant claim checks now enforced by role-based authorization. Clarified [Obsolete] message for PSPDF Kit endpoint.
2026-02-02 14:55:44 +01:00
6254bb6e3f Update auth role and envelopeId check in CreateAsync
Changed [Authorize] to require Receiver.FullyAuth role for CreateAsync, restricting access to receiver users. Removed explicit null check and logging for envelopeId claim, allowing the method to proceed without this validation.
2026-02-02 14:55:10 +01:00
f995fa9fc3 Refactor claim accessors to enforce required claims
Refactored EnvelopeAuthExtensions to require presence of all key authentication claims. Added GetRequiredClaim helper that throws detailed exceptions if claims are missing or invalid, replacing nullable return types with non-nullable ones. This ensures authentication logic fails fast and provides clearer error messages when claims are misconfigured or tampered with.
2026-02-02 14:54:59 +01:00
c2fefe798d Add Sender constant to Role in Domain.Constants
Added a new Sender constant to the Role class within the EnvelopeGenerator.Domain.Constants namespace, allowing it to be used alongside existing Receiver role constants.
2026-02-02 11:58:30 +01:00
849a282ec5 Refactor Role constants; add Receiver class, mark obsolete
Refactored the Role class by introducing a nested static Receiver class containing PreAuth and FullyAuth constants. Marked the original Role.PreAuth and Role.FullyAuth as [Obsolete] with guidance to use the new Receiver constants. Added a conditional using directive for System for NETFRAMEWORK compatibility.
2026-02-02 11:55:17 +01:00
6b23dcdba7 Refactor: unify role constants under new Role class
Replaced all usages of ReceiverRole with the new Role class in EnvelopeGenerator.Domain.Constants. Removed ReceiverRole.cs and added Role.cs with PreAuth and FullyAuth constants. Updated all [Authorize] attributes and role checks in controllers and authentication logic to use Role.FullyAuth and Role.PreAuth. This centralizes role management for improved maintainability and clarity.
2026-02-02 11:53:26 +01:00
a60d0f63e2 Update CORS origins and authentication config values
Expanded AllowedOrigins for CORS to include additional URLs. Updated AuthClientParams URL and adjusted Audience values in both AuthClientParams and AuthTokenKeys to use sign-flow.digitaldata.works. No other settings were changed.
2026-02-02 11:43:15 +01:00
2481059b49 Update AuthClientParams URL and Audience in dev settings
Changed AuthClientParams "Url" to use the new endpoint (http://172.24.12.39:9090/auth-hub) and updated the "Audience" in "PublicKeys" from "sign-flow-gen.digitaldata.works" to "sign-flow.digitaldata.works" in appsettings.Development.json.
2026-02-02 11:42:17 +01:00
6334097d5e Remove CommonServices project reference from API
The EnvelopeGenerator.API.csproj file no longer includes a direct ProjectReference to EnvelopeGenerator.CommonServices.vbproj. This change decouples the API project from the CommonServices project.
2026-02-02 10:30:09 +01:00
9baa126c8c Update LocalizationController namespace and localizer types
Changed namespace to EnvelopeGenerator.API.Controllers. Updated _mLocalizer and its constructor parameter to use IStringLocalizer<Resource> instead of IStringLocalizer<Model>. Removed unused EnvelopeGenerator.CommonServices using directive.
2026-02-02 10:29:44 +01:00
1ef46013cd Remove EnvelopeGenerator.Terminal from solution
EnvelopeGenerator.Terminal project and all related configuration
and solution folder mappings have been removed from
EnvelopeGenerator.sln. This cleans up the solution by excluding
the Terminal project and its build settings.
2026-02-02 10:26:12 +01:00
72dffd1043 Update SQL to use User.GetId() for current user context
Replaced usage of the userId variable with User.GetId() when formatting the SQL query in EnvelopeReceiverController. This ensures the user ID is dynamically retrieved from the authenticated user context, improving accuracy and security.
2026-02-02 10:17:55 +01:00
eda30472b9 No changes detected in diff
No code was added or removed in the provided diff; only context lines were present.
2026-02-02 10:14:15 +01:00
75846573da Add XML docs and standardize repository access patterns
Added XML documentation to extension and handler classes for improved maintainability. Refactored repository access to use .Query instead of .ReadOnly() for consistency. Updated async extension methods for better readability and error handling.
2026-02-02 10:07:50 +01:00
f59c0d90ad Refactor namespaces to EnvelopeGenerator.API
Replaced all EnvelopeGenerator.GeneratorAPI namespaces with EnvelopeGenerator.API across controllers, models, extensions, middleware, and annotation-related files. Updated using/import statements and namespace declarations accordingly. Added wwwroot folder to project file. Minor code adjustments made for consistency. This unifies API naming for improved clarity and maintainability.
2026-02-02 10:00:21 +01:00